Dify Knowledge Base Search
Pass
Audited by ClawScan on May 1, 2026.
Overview
The skill appears to do what it says: use a Dify API key to list and search Dify knowledge bases for RAG context.
This skill is reasonable to install if you trust the Dify instance and are comfortable giving the agent read access through the configured Dify API key. Prefer a least-privileged key, specify the intended dataset when possible, and treat retrieved knowledge-base text as potentially sensitive context.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can access Dify datasets that the configured API key is allowed to read.
The script uses the configured Dify API key as a bearer token to access Dify datasets. This is expected for the skill, but the key's permissions define how much knowledge-base data the skill can read.
api_key = os.environ.get("DIFY_API_KEY") ... "Authorization": f"Bearer {api_key}"
Use a least-privileged Dify API key and configure the intended Dify base URL carefully.
Knowledge-base content may be surfaced in conversations and can shape the agent's response.
The documentation explicitly recommends using retrieved dataset content as model context. This is the intended RAG behavior, but retrieved text can influence answers and may contain sensitive or untrusted material.
context = "\n".join([r["content"] for r in results["results"]])
final_prompt = f"Answer based on context:\n\n{context}\n\nQuestion: {query}"
Only connect trusted datasets, avoid storing malicious instructions in knowledge-base content, and review outputs when datasets contain sensitive material.
Future installs may receive whatever requests version the package source provides.
The skill depends on the Python requests package without a pinned version. This is common and purpose-aligned, but the exact installed package version is not fixed by the artifact.
[1] node | package: requests
If reproducibility matters, pin dependency versions in your environment or install from a trusted package source.
